RE: Unexpected authentication behaviour

Hello Wim,

You are right. I found it in documentation (https://www.postgresql.org/docs/current/auth-password.html)

"The authentication method specification md5 will automatically switch to using the scram-sha-256 method in this case, as explained above, so it will also work."

Thank's for your help.

Best regards!

Domen Šetar
Computer Systems Support
IZUM – Institute of Information Science | Prešernova ulica 17 | 2000 Maribor | Slovenia
T: +386 2 25 20 339 | M: +386 41 676 342 | www.izum.si | domen(dot)setar(at)izum(dot)si

-----Original Message-----
From: Wim Bertels <wim(dot)bertels(at)ucll(dot)be>
Sent: Tuesday, August 27, 2024 10:50 AM
To: pgsql-admin(at)lists(dot)postgresql(dot)org
Subject: Re: Unexpected authentication behaviour

Hello Izum

in my memory,
this is the fallback behaviour to a safer auth method (from md5 to scram), the other way around it doesn't work; correct me if i'm wrong, should be in the documentation

hth,
Wim

Domen Šetar schreef op di 27-08-2024 om 08:00 [+0000]:
> Hi Admins,
>  
> I have strange issue that I can't explain to myself:
>  
> I want to use scram-sha-256 authentication on postgresql 16.
> Parameter password_encryption is set to scram-sha-256. I defined a
> user with scram-sha-256 encoded password.
> My pg_hba.conf have  following  lines:
>  
> # TYPE  DATABASE        USER            ADDRESS METHOD local      all
> all                                                          peer host       
> all                          all
>       samenet                     md5
>  
> Even though there is defined md5 authentication method for remote
> logins in pg_hba.conf I can make remote login to my postgresql server
> which is unexpected behaviour of postgresql.
> What did I miss?
>  
> Best regards!
> izum
> Domen Šetar
> Computer Systems Support
> IZUM – Institute of Information Science| Prešernova ulica 17 | 2000
> Maribor |Slovenia
> T: +386 2 25 20 339| M: +386 41 676
> 342|www.izum.si|domen(dot)setar(at)izum(dot)si
>
>  
>